from an enterprise view
TRANSCRIPT
From an Enterprise View
RADM Bob Day Asst Commandant for C4IT &
Director of Coast Guard Cyber Command
DHS Data Centers Enterprise Requirements
DOD Data Centers Enterprise Requirements
OMB 25 Pt Plan
Cybersecurity Standards & Governance
Mobile Computing Cloud
Recapitalization
User Demands & Expectations
Virtualization
$’s BCA Impacts
“What’s on My Mind”
What I’m Stocking Up On
C4IT Professional
OMB 25 Point Plan
• Portfolio Governance/Tech Stat Reviews. Terminate at least 1/3 of underperforming projects in
next 18 months. • Data Center Consolidation. Reduce to 800 by 2015 • Cloud First. ID 3 “must move” services within 3 months, move 1 within 12 months, remaining within 18 months. • Dedicated Prog Mgrs, IT Acquisition Pro’s, Consolidate commodity IT funding under CIO.
Big Change, Especially Culturally!!!!!!
Data Center Consolidation
• Looking for all opportunities to leverage DHS DC1/DC2, but it’s challenging when you are .mil. • Deepwater Horizon Data Archiving established at DC1. • DISA offerings including data center consolidation & e-mail since .mil. • “Everything” as a Service. • Key near term efforts to be evaluated against these new models include Financial System optimization, Logistics Information System (LIMS), Enterprise Sharepoint.
“Resistance is futile, you will be assimilated”
Cyber
• Completed shift to DOD Trusted Internet Connections. • Installed Host Based Security System (HBSS) on NIPR
& SIPR. • 20 CG personnel assigned to U.S. Cyber.
• CG Cyber in final stages of standup. 20+ personnel, new organizational alignments (especially IA), codifying
relationships with DOD/DHS. Fall 2012 IOC. • We will leverage DOD/US Cyber systems and processes (.mil) to achieve real-time monitoring & active defense. • Constant barrage of new standards and requirements
make this mission set very challenging. “We cannot fail in this area”
High Risk Device Usage
Month Android Camera Flash iPhone Total Nov -‐ 2011 1,253 335 1,642 584 3,814 Dec -‐ 2011 977 258 1,535 406 3,176 Jan -‐ 2012 775 148 1,461 242 2,626
Trends
8
C Cyber Events USCG TISCOM Bi-Weekly Command Brief
0
5,000
10,000
15,000
20,000
25,000
30,000
0
200
400
600
800
1,000
Jan 10
Feb 10
Mar 10
Apr 10
May 10
Jun 10
Jul 10
Aug 10
Sep 10
Oct 10
Nov 10
Dec 10
Jan 11
Feb 11
Mar 11
Apr 11
May 11
Jun 11
Jul 11
Aug 11
Sep 11
Oct 11
Nov 11
Dec 11
Chart Title
URL/IP Blocks Total Incidents Policy Violations
Cyber Program Mission Areas
CG One
Ports, Waterways, and Coastal Security
Living Marine Resources
Migrant InterdicKon
Counter Drug
Other Law Enforcement, Marine Safety
Provide a Secure PlaPorm Secure Ports and Waterways Provide Decision Advantage
Mobile Computing
• Continued high demand from programs and end users to leverage mobile computing & 3G/4G connectivity for almost every mission area. “It’s mission essential” . CBP TACCOM program is focal point for developing this capability.
• This must be built properly with needed infrastructure, security, and funding models to sustain for the long run.
• Current Win 6.X & Goodlink environment used for mobile messaging needs to be recapitalized. Moving to Droid and iOS platforms with Good for mobile messaging, via DMZ services. Apps, only if inside Good environment. Device is not a network endpoint. Established a chargeback framework to source needed dev/test/production environments for reliable services.
Clouds
Klingon Bird of Prey Bunny
Clouds
• We have already been there!! Our current Direct Access implementation is “in the Cloud” with IBM. We are looking at other opportunities especially for our CG Reserve and Auxiliary workforces.
• .mil status and security requirements makes Public Cloud initiatives challenging and likely not cost effective.
• DISA and DHS Private cloud offerings may be mandated including e-mail and Sharepoint as a service.
• Leverage COTS implementations with no customizations. Will require revamping of CG processes.
Virtualization
• Infrastructure costs, management overhead, and security are prime drivers to head this direction. Not every position requires a “thick” client on the desktop. • Conduct inventories of IT needs by position and codify IT capability to billet needs (from thick client to terminal/virtual environments). Eliminate IT by whim! • Reductions in Cyber attack surface (OS’s/clients) thru centralization and virtualization. Speed in provisioning, maintenance, and recapitalization are also attractive. • Would require some changes to current CG architecture and implementation (personal .pst’s).
“We are and will continue to evaluate this strategy”
Recapitalization
• Focus is on replacement of aging cutters and aircraft. These are absolutely critical for CG’s future. NSC, FRC, OPC, C-144, C-130J/upgrades. Very few AC&I $’s going to any programs not directly related to these assets.
• Key IT system recapitalization/upgrades being planned include Core Accounting System Optimization, initial spiral of Logistics Information Management System (recently designated a non-major acquisition). Focus is on non-customized COTS.
• Key electronics system include some radar, C2/SA, and radio systems that are beyond or rapidly approaching end of life cycle.
“Building the future CG”
User Demands & Expectations
• Seamless, always on, high bandwidth connectivity to the network , no matter what the location or the platform. There is an insatiable appetite for bandwidth on our cutters and it is considered absolutely mission critical. FBB and Ku is helping but in 6 months this will likely be considered unsatisfactory (need to defy the laws of physics).
• i”everything”, Droid “everything”, Web 3.0 “everything”, xG “everything”, and the latest version! Fueled by Gen X/Y/Z expectations to be constantly Linked In, Facebooked, Blogged, & IM’d as well as being able to access all CG systems. Balancing this constantly shifting landscape with EA, cyber security, & resources is the new Rubik’s Cube.
$’s for FY13-XX
New Out Year Financial Planning Tools
$’s for FY12-XX
“Tough Choices Will Have to Made, What’s The Right Balance”
Recapitalization, New Programs
Personnel, Benefits
Current Operations, Levels of Support
$’s for FY13-XX
• The decisions made on future budgets are going to define what the “future’ Coast Guard looks like and thus require serious thought and clear understanding of the impacts to this Nation. • The Coast Guard has unique capabilities that have proven invaluable to the Nation in numerous situations; “think Katrina, Deepwater Horizon, Maritime Law Enforcement, Maritime Safety and Security”. We cannot reduce these critical capabilities, but could perhaps discuss capacity so that we can surge when, not if, the next big event hits.
The Future I Am Hoping For
Questions?